Flame Users Can Use Big Data Too

News Editor

Just as a number of organizations have tapped into Big Data to help prevent security breaches, an agency (or agencies) appears to be using Big Data to parse data harvested by what the WSJ calls “the most sophisticated cyberweapon yet unleashed.”

Yesterday cyber threat experts Kaspersky Lab described an ambitious piece of malware rampaging through computers, primarily in the Middle East. They dubbed it ‘Flame’ after one of the malware modules responsible for attacking and infecting machines, but the malware could have been called ‘Vacuum cleaner.’

AFP Photo/Kaspersky Lab

A screen grab shows a program of the computer virus known as Flame.

As a security manager for Symantec told the WSJ’s Ben Rooney, whoever is behind the malware has the capability to sift through a lot of data. “Usually with a standard attack malware writers will try to limit the amount of data coming off the machine because otherwise it is very hard to find what you are looking for,” said Orla Cox, Security Operations Manager for Symantec Corp. in Ireland. “This is like old-school espionage. Take everything you can and sift through it.”

As CIO Journal’s Michael Hickins wrote last week, Big Data technology is used to analyze multiple data types that don’t necessarily fit into tabular formats—data such as video and audio, images and documents. From early reports, Flame can capture Skype conversations as well as ordinary conversations by hijacking the infected computer’s internal microphone. It can also take screenshots of certain PC activity such as IM and email, steal names and phone numbers from contact folders and pull traffic information from an infected machine’s local network. This kind of data would be a nightmare to parse – if that were even possible – using standard analytic tools. But analytic software has taken a quantum leap forward with the invention of Hadoop, an open source analytic program that can analyze so-called unstructured data.

Companies like Zions Bank and eBay have started using Big Data for security. As eBay’s Mark Carges told CIO Journal, company data scientists have been able to detect fraud before it happens by analyzing unstructured data such as product descriptions and photos posted by users to determine the likelihood that a given seller is actually a thief.

That same capability allows cyber-spies to cast a wide net and then look for anything that might be valuable to them.

Comments (1 of 1)

Post: Tom, this is a very interesting and concerning reverse use of Big Data analytics. It also illustrates the importance of protecting unstructured data, not just databases, with advanced security measures like encryption. Valuable data and intellectual property now come in many different formats. We will be discussing the topic of maintaining security and control of unstructured Big Data at an upcoming conference in Washington, DC: http://bit.ly/f5LeYz
